
Re: tool for checking compromised box



On Fri, Aug 01, 2003 at 08:21:14AM +0800, Louie Miranda wrote:
> Hello,
> 
> Is there any Debian package that can check a compromised box?

I imagine it depends on what kind of "compromised" you're looking for.
chkrootkit springs to mind if you think you've been rooted.

integrit or tripwire are pretty cool too, but they're only useful if
installed on a "known clean" system. Since they monitor changes to the
filesystem, they need a snapshot of the "before" picture to compare
against.

	HTH
-- 
,-------------------------------------------------------------------------.
>   -ScruLoose-   |       What makes a person so poisonous righteous      <
>  Please do not  |  That they'd think less of anyone who just disagreed? <
> reply off-list. |                     - Moxy Fruvous                    <
`-------------------------------------------------------------------------'
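
The "known clean" point in the reply above, as an added example (not part of the original message, and not how integrit or tripwire are implemented): a minimal hash-and-permissions snapshot compared against a constructed directory tree, once with a baseline taken before the changes and once with a baseline taken after them. The function names `snapshot`, `compare` and `demo` and the sample files are assumptions made for illustration.

```python
import hashlib
import os
import stat
import tempfile


def snapshot(root):
    """Map each regular file under root to (sha256, permission bits, size)."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks, sockets and devices are out of scope here
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            rel = os.path.relpath(path, root)
            result[rel] = (digest, stat.S_IMODE(st.st_mode), st.st_size)
    return result


def compare(baseline, current):
    """Return (added, removed, changed) path lists between two snapshots."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = sorted(p for p in set(baseline) & set(current)
                     if baseline[p] != current[p])
    return added, removed, changed


def demo():
    """Constructed tree: one baseline taken clean, one taken too late."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "bin"))
        for name in ("ls", "ps"):
            path = os.path.join(root, "bin", name)
            with open(path, "w") as fh:
                fh.write("original " + name + "\n")
            os.chmod(path, 0o755)
        clean = snapshot(root)                      # the "before" picture
        with open(os.path.join(root, "bin", "ls"), "w") as fh:
            fh.write("replaced ls\n")               # same size, new content
        os.chmod(os.path.join(root, "bin", "ps"), 0o711)  # permission change
        with open(os.path.join(root, "bin", "extra"), "w") as fh:
            fh.write("new file\n")                  # file that was not there
        late = snapshot(root)                       # baseline taken after the fact
        now = snapshot(root)
        return compare(clean, now), compare(late, now)
```

The comparison against the late baseline comes back empty even though three files differ from the clean state, which is why the baseline has to be recorded, and stored somewhere the monitored host cannot rewrite, before the system is exposed.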
